2 of 2 Remote Kusto Query Language Jobs in West Yorkshire

you’ll be at the heart of the managed SOC services, monitoring, investigating, and responding to security incidents across client environments. You’ll leverage Microsoft Sentinel, Defender XDR, and KQL to detect threats, improve detection rules, and help clients stay secure. What You’ll Do: Monitor and analyse security alerts in Microsoft Sentinel & Defender XDR Investigate and respond to incidents … threats, and suspicious activity Develop and optimize KQL queries, analytics rules, and automation playbooks Assist in onboarding new clients into Sentinel (connectors, log sources, playbooks) Collaborate with engineers and clients to enhance security visibility Contribute to threat hunting, detection tuning, and SOC process improvements Skills You’ll Need: 2-5+ years in a SOC, threat detection, or incident response … role Hands-on experience with Microsoft Sentinel (KQL, analytics rules, Logic Apps) Knowledge of Microsoft Defender XDR suite (Defender for Endpoint, Cloud, Identity) Understanding of MITRE ATT&CK, SIEM best practices, and security operations Strong analytical & communication skills (explaining risks to clients is key!) Bonus if you have: Microsoft certs (SC-200, SC-100, AZ-500) Experience with automation (Logic More ❯

and cybersecurity researchers to identify analytics, threat intelligence, and tradecraft that benefit the Blue Team. Communicate funding and prioritization suggestions and lead implementation when needed. Develop complex, anomaly-based KQL analytics and playbooks for detection in M365, Linux, and Windows environments. Review open-source research on threats affecting cloud services and VMs, prioritizing and implementing relevant findings. Research vulnerabilities, produce … control systems. Experience in developing malware and anomaly detections. Use of statistical methods for anomaly detection. Proficiency with Microsoft Sentinel and/or XDR. Strong skills in writing complex KQL analytics/searches. Awareness of current security threats. Ability to prioritize threats effectively. Understanding factors affecting detection effectiveness. Threat hunting or SOC analyst certifications preferred. Life at BAE Systems Digital More ❯